-
Notifications
You must be signed in to change notification settings - Fork 798
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
code-refactoring: add secrets controller #1017
code-refactoring: add secrets controller #1017
Conversation
…j-labs#918) * upgrade golangci-lint Signed-off-by: Jaideep Rao <[email protected]> * fix phase reconciliation during host reconciliation Signed-off-by: Jaideep Rao <[email protected]> * address review comment Signed-off-by: Jaideep Rao <[email protected]> * set phase to pending if ingress not found Signed-off-by: Jaideep Rao <[email protected]> --------- Signed-off-by: Jaideep Rao <[email protected]>
* Move to only adding two roles for managed namespaces --------- Signed-off-by: Salem Elrahal <[email protected]> Co-authored-by: Salem Elrahal <[email protected]>
Track and expose custom operator performance metrics --------- Signed-off-by: Jaideep Rao <[email protected]>
…argoproj-labs#964) * Add ArgoCD v1beta1 & deprecate v1alpha1 - Add new ArgoCD v1beta1 api - Mark ArgoCD v1alpha1 as deprecated & add back the removed sso fields - Use server side validation for "kubectl apply" as client side results into failure due to exceeding annotation size limit. Signed-off-by: Siddhesh Ghadi <[email protected]> Add funcs for ArgoCD alpha to beta conversion Signed-off-by: Siddhesh Ghadi <[email protected]> Add conversion webhook - Create webhook & setup webhook server on 9443 - Disable operator namespaced install via OLM so that OLM can handle certs for webhook server - For manual install, user needs to explicitly configure cert manager to inject certs and enable webhook server in operator by setting env ENABLE_CONVERSION_WEBHOOK="true" Signed-off-by: Siddhesh Ghadi <[email protected]> Resolve local build issues Signed-off-by: Siddhesh Ghadi <[email protected]> Tweak webhook configs Signed-off-by: Siddhesh Ghadi <[email protected]> Update operator installation docs Signed-off-by: Siddhesh Ghadi <[email protected]> Add e2e tests Signed-off-by: Siddhesh Ghadi <[email protected]> Minor updates Signed-off-by: Siddhesh Ghadi <[email protected]> Fix go-lint ci failure Signed-off-by: Siddhesh Ghadi <[email protected]> Update docs Signed-off-by: Siddhesh Ghadi <[email protected]> Remove webhook from 0.7.0 bundle Signed-off-by: Siddhesh Ghadi <[email protected]> Add spaces in bundle Signed-off-by: Siddhesh Ghadi <[email protected]> * update 0.8.0 bundle Signed-off-by: Siddhesh Ghadi <[email protected]> --------- Signed-off-by: Siddhesh Ghadi <[email protected]>
…bs#950) Bumps [pygments](https://github.com/pygments/pygments) from 2.7.4 to 2.15.0. - [Release notes](https://github.com/pygments/pygments/releases) - [Changelog](https://github.com/pygments/pygments/blob/master/CHANGES) - [Commits](pygments/pygments@2.7.4...2.15.0) --- updated-dependencies: - dependency-name: pygments dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* upgrade RH-SSO from 7.5 to 7.6 Signed-off-by: iam-veeramalla <[email protected]> * fix: failing tests Signed-off-by: iam-veeramalla <[email protected]> * fix: failing tests Signed-off-by: iam-veeramalla <[email protected]> --------- Signed-off-by: iam-veeramalla <[email protected]>
* Remove dead code Signed-off-by: Siddhesh Ghadi <[email protected]> * Fix import Signed-off-by: Siddhesh Ghadi <[email protected]> * Fix imports Signed-off-by: Siddhesh Ghadi <[email protected]> --------- Signed-off-by: Siddhesh Ghadi <[email protected]>
Signed-off-by: Siddhesh Ghadi <[email protected]>
…bs#973) * Remove .spec.resourceCustomizations code Signed-off-by: Siddhesh Ghadi <[email protected]> * Update docs Signed-off-by: Siddhesh Ghadi <[email protected]> * Update docs Signed-off-by: Siddhesh Ghadi <[email protected]> * Address review comments Signed-off-by: Siddhesh Ghadi <[email protected]> * Fix typo Signed-off-by: Siddhesh Ghadi <[email protected]> --------- Signed-off-by: Siddhesh Ghadi <[email protected]>
* upgrade ArgoCD version to 2.8.2 and update the CRDs Signed-off-by: ishitasequeira <[email protected]> * Update argocd image Signed-off-by: ishitasequeira <[email protected]> --------- Signed-off-by: ishitasequeira <[email protected]>
* Update ArgoCD v1alpha1 deprecation message Signed-off-by: Siddhesh Ghadi <[email protected]> * Run code gen Signed-off-by: Siddhesh Ghadi <[email protected]> --------- Signed-off-by: Siddhesh Ghadi <[email protected]>
…rgoproj-labs#985) * add support for tls self signed certs in AppSet Gitlab SCM Provider Signed-off-by: ishitasequeira <[email protected]> * add e2e test Signed-off-by: ishitasequeira <[email protected]> * add unit tests Signed-off-by: ishitasequeira <[email protected]> * renamed field ScmRootCaPath to SCMRootCaPath Signed-off-by: ishitasequeira <[email protected]> * Add documentation and address comments Signed-off-by: ishitasequeira <[email protected]> * Address comments Signed-off-by: ishitasequeira <[email protected]> --------- Signed-off-by: ishitasequeira <[email protected]>
…rgoproj-labs#992) Bumps [github.com/argoproj/argo-cd/v2](https://github.com/argoproj/argo-cd) from 2.8.2 to 2.8.3. - [Release notes](https://github.com/argoproj/argo-cd/releases) - [Changelog](https://github.com/argoproj/argo-cd/blob/master/CHANGELOG.md) - [Commits](argoproj/argo-cd@v2.8.2...v2.8.3) --- updated-dependencies: - dependency-name: github.com/argoproj/argo-cd/v2 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: iam-veeramalla <[email protected]>
) Signed-off-by: minchao <[email protected]>
…operator docs (argoproj-labs#1002) * Update requirements.txt added markdown= 3.3.7 and markdown-include=0.6.0 Signed-off-by: Surajyadav <[email protected]> * Delete docs/assets/extra.css deleted extra.css Signed-off-by: Surajyadav <[email protected]> * Update mkdocs.yml added markdown_extension markdown_include with codehighlight and toggle for screen mode Signed-off-by: Surajyadav <[email protected]> * Update mkdocs.yml Signed-off-by: Surajyadav <[email protected]> --------- Signed-off-by: Surajyadav <[email protected]>
…goproj-labs#1007) * fix: keycloak probes failure results in pod crash Signed-off-by: iam-veeramalla <[email protected]> * fix: use latest keycloak image to handle performance issue Signed-off-by: iam-veeramalla <[email protected]> --------- Signed-off-by: iam-veeramalla <[email protected]>
Signed-off-by: Jaideep Rao <[email protected]>
Signed-off-by: Jaideep Rao <[email protected]>
Signed-off-by: Jaideep Rao <[email protected]>
Signed-off-by: Jaideep Rao <[email protected]>
Signed-off-by: Jaideep Rao <[email protected]>
Signed-off-by: Jaideep Rao <[email protected]>
Signed-off-by: Jaideep Rao <[email protected]>
…perator into operator-redesign
…perator into op-redesign-add-secrets-controller
Signed-off-by: Jaideep Rao <[email protected]>
…perator into op-redesign-add-secrets-controller
Signed-off-by: Jaideep Rao <[email protected]>
Signed-off-by: Jaideep Rao <[email protected]>
Signed-off-by: Jaideep Rao <[email protected]>
*changed = true | ||
} | ||
|
||
return existingVal, desiredVal |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why desiredVal
is needed in the returnn?
credSecretName := util.NameWithSuffix(sr.Instance.Name, DefaultClusterCredentialsSuffix) | ||
credsSecret, err := workloads.GetSecret(credSecretName, sr.Instance.Namespace, sr.Client) | ||
if err != nil { | ||
sr.Logger.Error(err, "reconcileArgoCDSecret: failed to retrieve secret", "name", credSecretName, "namespace", sr.Instance.Namespace) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do we need to add the "one or more mutations could not be applied" log here as well?
argocdSecretReq := sr.getSecretRequest(*argocdSecretTmpl) | ||
argocdSecret, err := workloads.RequestSecret(argocdSecretReq) | ||
if err != nil { | ||
sr.Logger.Error(err, "reconcileArgoCDSecret: failed to request secret", "name", ArgoCDSecretName, "namespace", sr.Instance.Namespace) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Or add the log here when request secret failed?
|
||
// controller logic goes here | ||
// nothing to do |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do we need this comment? If it's necessary can you add a condition like in which case nothing to do? Just to make it clearer.
return nil | ||
} | ||
|
||
// secret exists, nothing to do |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is a good comment 👍
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Left a few comments. I'm not very clear about when to log "one or more mutations could not be applied".
What type of PR is this?
What does this PR do / why we need it:
Adds the new secret controller package that manages secrets not belonging to any specific component, these include:
argocd-secret
it also moves existing code to a file called
removeFunctions.go
so that replaced functions are tracked, and can be maintained in a way so as not to break project compilation unnecessarily, and can all be removed together at the endHave you updated the necessary documentation?
Which issue(s) this PR fixes:
Fixes #?
How to test changes / Special notes to the reviewer: